Database Security and Auditing: Protecting Data Integrity and Accessibility

1. Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models

2. Objectives • Describe the different types of users in a database environment and the distinct purpose of each • Identify and explain the concepts of five security models • List the most commonly used application types Database Security & Auditing: Protecting Data Integrity & Accessibility

3. Objectives (continued) • Implement the most common application security models • Understand the use of data encryption within database applications Database Security & Auditing: Protecting Data Integrity & Accessibility

4. Types of Users • Application: • Solves a problem • Performs a specific business function • Database: collection of related data files used by an application • Application user: user within the application schema Database Security & Auditing: Protecting Data Integrity & Accessibility

5. Types of Users (continued) • Types: • Application administrator • Application owner • Application user • Database administrator • Database user • Proxy user • Schema owner • Virtual user Database Security & Auditing: Protecting Data Integrity & Accessibility

6. Security Models • Access Matrix Model: • Represents two main entities: objects and subjects: • Columns represent objects • Rows represent subjects • Objects: tables, views, procedures, database objects • Subjects: users, roles, privileges, modules • Authorization cell Database Security & Auditing: Protecting Data Integrity & Accessibility

7. Security Models (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

8. Security Models (continued) • Access Modes Model: • Based on the Take-Grant model • Uses objects and subjects • Specifies access modes: static and dynamic modes • Access levels: a subject has access to objects at its level and all levels below it Database Security & Auditing: Protecting Data Integrity & Accessibility

9. Security Models (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

10. Security Models (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

11. Application Types • Client/Server applications: • Management Information System (MIS) department: • Thirty year ago centralized information • Developed mainframe projects • Was a bottleneck • Personal computer was introduced: developing need for client/server applications • Based on the business model Database Security & Auditing: Protecting Data Integrity & Accessibility

12. Client/Server Applications Database Security & Auditing: Protecting Data Integrity & Accessibility

13. Client/Server Applications (continued) • Provides a flexible and scalable structure • Components: • User interface • Business logic • Data access • Components usually spread out over several tiers: • Minimum two • Normally, four to five Database Security & Auditing: Protecting Data Integrity & Accessibility

14. Client/Server Applications (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

15. Client/Server Applications (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

16. Web Applications • Evolved with the rise of dot-com and Web-based companies • Uses the Web to connect and communicate to the server • A Web application uses HTML pages created using: • ActiveX • Java applets or beans • ASP (Active Server Pages) Database Security & Auditing: Protecting Data Integrity & Accessibility

17. Web Applications (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

18. Web Applications (continued) • Components: • Web browser layer • Web server layer • Application server layer • Business logic layer • Database server layer Database Security & Auditing: Protecting Data Integrity & Accessibility

19. Web Applications (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

20. Data Warehouse Applications • Used in decision-support applications • Collection of many types of data taken from a number of different databases • Typically composed of a database server • Accessed by software applications or reporting applications: online analytical processing (OLAP) Database Security & Auditing: Protecting Data Integrity & Accessibility

21. Data Warehouse Applications (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

22. Application Security Models • Models: • Database role based • Application role based • Application function based • Application role and function based • Application table based Database Security & Auditing: Protecting Data Integrity & Accessibility

23. Security Model Based on Database Roles • Application authenticates application users: maintain all users in a table • Each user is assigned a role; roles have privileges assigned to them • A proxy user is needed to activate assigned roles; all roles are assigned to the proxy user • Model and privileges are database dependent Database Security & Auditing: Protecting Data Integrity & Accessibility

24. Security Model Based on Database Roles (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

25. Security Model Based on Database Roles (continued) • Implementation in Oracle: • Create users • Add content to your tables • Add a row for an application user • Look for application user’s role • Activate the role for this specific session Database Security & Auditing: Protecting Data Integrity & Accessibility

26. Security Model Based on Database Roles (continued) • Implementation in SQL Server: • Use application roles: • Special roles you that are activated at the time of authorization • Require a password and cannot contain members • Connect a user to the application role: overrules user’s privileges Database Security & Auditing: Protecting Data Integrity & Accessibility

27. Security Model Based on Database Roles (continued) • Implementation in SQL Server (continued): • Create and drop application roles using the command line and the Enterprise Manager: • SP_ADDAPPROLE • SP_DROPAPPROLE • You can activate application roles using SP_SETAPPROLE Database Security & Auditing: Protecting Data Integrity & Accessibility

28. Security Model Based on Database Roles (continued) • Implementation in SQL Server (continued): • Connect to database as the proxy user • Validate the user name and password • Retrieve the application role name • Activate the application role Database Security & Auditing: Protecting Data Integrity & Accessibility

29. Security Model Based on Database Roles (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

30. Security Model Based on Application Roles • Application roles are mapped to real business roles • Application authenticates users • Each user is assigned to an application role; application roles are provided with application privileges (read and write) Database Security & Auditing: Protecting Data Integrity & Accessibility

31. Security Model Based on Application Roles (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

32. Security Model Based on Application Roles (continued) • Implementation in SQL Server • Create a database user • Connect the application to the database using this user • Create stored procedures to perform all database operations Database Security & Auditing: Protecting Data Integrity & Accessibility

33. Security Model Based on Application Functions • Application authenticates users • Application is divided into functions • Considerations: • Isolates application security from database • Passwords must be securely encrypted • Must use a real database user • Granular privileges require more effort during implementation Database Security & Auditing: Protecting Data Integrity & Accessibility

34. Security Model Based on Application Functions (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

35. Security Model Based on Application Roles and Functions • Combination of models • Application authenticates users • Application is divided into functions: • Roles are assigned to functions • Functions are assigned to users • Highly flexible model Database Security & Auditing: Protecting Data Integrity & Accessibility

36. Security Model Based on Application Roles and Functions (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

37. Security Model Based on Application Tables • Depends on the application to authenticate users • Application provides privileges to the user based on tables; not on a role or a function • User is assigned access privilege to each table owned by the application owner Database Security & Auditing: Protecting Data Integrity & Accessibility

38. Security Model Based on Application Tables (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

39. Security Model Based on Application Tables (continued) • Implementation in SQL Server: • Grant authorization on application functions to the end user • Alter authorization table from the security model based on database roles; incorporate the table and access columns required to support model Database Security & Auditing: Protecting Data Integrity & Accessibility

40. Application Security Models Database Security & Auditing: Protecting Data Integrity & Accessibility

41. Application Security Models (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

42. Data Encryption • Passwords should be kept confidential and preferably encrypted • Passwords should be compared encrypted: • Never decrypt the data • Hash the passwords and compare the hashes Database Security & Auditing: Protecting Data Integrity & Accessibility

43. Data Encryption (continued) Database Security & Auditing: Protecting Data Integrity & Accessibility

44. Summary • An application user is simply a record created for a user within the application schema; usually does not have database privileges or roles assigned • Access matrix: • Columns represent objects • Rows represent subjects • Authorization cell • Access mode Database Security & Auditing: Protecting Data Integrity & Accessibility

45. Summary (continued) • Application types: client/server, Web, and Data Warehouse • Application security models • Database roles • Application roles • Application functions • Roles and functions in the application • Application tables Database Security & Auditing: Protecting Data Integrity & Accessibility